Intel Security developed its Most Hackable Holiday Gifts list to identify popular tech gifts and some of the common security risks that could compromise personal data if devices are not properly secured. This list aims to educate and protect consumers from being at risk, especially during the busy holiday season.
In a world where cyber criminals take advantage of consumer’s online shopping habits by infiltrating digital devices, social media platforms and mobile apps when they largely unaware of where the weaknesses are in today’s tech, Things as simple and seemingly safe as a Wi-Fi connection, Bluetooth and smartwatches can quickly become the weak link in personal security
According to the Consumer Electronics Association, roughly 160 million people are planning to buy tech gifts this holiday season, and their study found that the most popular gifts this year among emerging tech will include wearable fitness activity trackers (12%), smart watches (12%), action cameras (12%) and drones (7%) so the risk is high.
“While popular gifts such as electronic toys and gadgets are going to make many people happy this festive season, consumers should be aware of common security risks whether they’re buying or receiving the gifts,” said David Freer, Vice President for Consumer, Asia Pacific, Intel Security. “Know the risks associated with connectivity to WiFI and Bluetooth, while adopting habits like using strong passwords, and pairing comprehensive security solutions with regular device updates for protection.”
Intel Security’s 2015 Most Hackable Holiday Gifts are:
o Smartwatches and fitness trackers
- Smartwatches and fitness trackers have become tremendously popular over the last several years and are poised to generate major market sales this holiday season. Health and fitness devices will lead unit sales among wearables in 2015 with a projected 20.3 million units in 2015 (Source: CEA *note this is for all of 2015 not just holidays).
- Breaking into a wearable device does not necessarily provide immediate value for a hacker; the real value lies in the wearable’s connection to a smartphone. With access to the smartphone, the hacker then could potentially jump outside the wearable’s app and read emails, SMS or even install malicious software.
o Smartphones and tablets
- With new models of smartphones and tablets being produced multiple times throughout the year, these devices make ideal gifts for friends and family who want the latest phone to support their on the go lifestyle.
- Many devices have a Bluetooth pairing password with a default of 0000 or 1234, allowing attackers to pair with them and take control. With a bit more information and trickery, an attacker can impersonate a Bluetooth device and use that to steal information, such as read text messages or dial a toll number impersonating your smart watch.
o Drones and camera-enabled devices
- These days, everybody seeks to capture their every move with camera-enabled devices – and even to capture aerial views with gadgets such as drones. According to CEA projections, the US market for drones will approach $105 million in revenue in 2015.
o Kid’s gadgets
- Kids love tech and while one would hope that children’s toys are safe in every way, there are some safety concerns that parents should be aware of, especially when these gadgets have elements that involve Internet connections.
- With children’s electronics security is rarely thought about so it falls onto the parents to make sure their child’s latest toy isn’t broadcasting video or audio to unknown viewers
Consumer call to action: As digital security threats increase and consumers get more devices and apps, there is a need to ensure they are aware of proper security precautions to protect their devices, personal data and identity.Consumers can do their part by remaining vigilant during this busy holiday season and practicing safe behavior with the following tips when gift giving and getting new connected gadgets:
- Tip: Use caution when connecting over public wireless hotspots and use only secured networks that you trust. If you must connect, assume your communications are being monitored, and do not conduct any sensitive transaction, like banking or making online purchases.
- Tips: Create long, strong and unique passwords across your devices and accounts. Do not use the same one across all, as this makes it easier to access all of your information if just one account is compromised.
- Use an app such as, True Key™ by Intel Security, to sign into mobile apps, websites, and devices without your password, using a combination of factors such as your face, fingerprint or device.
- Tip: Unless you are using your Bluetooth connection on your mobile device, you should leave it turned off. Many devices make it very easy to quickly turn Bluetooth on and off.
- ONLINE SHOPPING:
- Tips: Be careful of where you type your username and password in an app or website. There have been many cyber fraud campaigns tricking people into sharing their online payment logins.
- When using sites like PayPal or Google Wallet to make purchases online, take extra care to make sure you are actually logging into those sites and not into a carefully crafted imposter webpage.
- DEVICE SECURITY SETTINGS AND OPERATING SYSTEMS
- Tips: One of the best ways to protect yourself is to pair a comprehensive security solution with regular device updates
- Make sure your operating system is updated to the latest version and do not install apps from an untrusted source, which is often a way that cybercriminals phish for information. Sometimes it takes a long time for an operating system to be patched for a new vulnerability. Because of this, it is very important to install cross device security service like McAfee LiveSafe™ that can protect all of your devices, data and identity.